1
response

Hi Team,

I have installed the NXlog community edition (nxlog-ce-2.10.2150.msi) on our windows server and I am trying to collect the Firewall (ASA) logs in windows server through NXlog.

I have used the following configuration but I am not receiving any logs. Can you help me on this

<Extension json>
Module xm_json
</Extension>
##Extension to format the message in syslog format
<Extension syslog>
Module xm_syslog
</Extension>

########## INPUTS ###########

<Input in_syslog_tcp>
Module im_tcp
Host 0.0.0.0
Port 1514
Exec parse_syslog();
</Input>

############ OUTPUTS ##############

<Output file>
Module om_file
File "C:\\test\\asa.log"
Exec to_syslog_ietf();
</Output>

<Route file>
Path in_syslog_tcp => file
</Route>

AskedMarch 6, 2020 - 1:58pm

Answer (1)

Hi,

Is there a way to confirm that logs are sent in the first place? Check if the port is open, maybe do a network capture to see if any traffic is exchanged.

-MisaZ